HTTP Basic Access Authorization In Golang

One of the simplest and oldest methods of authorization is HTTP Basic authorization. While it isn’t as secure as the Users service of App Engine or the OAuth authorization model, it’s easy to implement and looks visually impressive depending on the user’s browser.

Here’s a picture of the HTTP Basic authorization prompt in IE10 on Windows 8:

The variable authorization contains a base64 encoded hash generated by the user’s browser, created by concatenating the username and password together with a colon: username:passwordR represents a http.Request reference, c is appengine.Context, and w is http.ResponseWriter.

//Get the authorization header.
authorization_array := r.Header["Authorization"]
if len(authorization_array) > 0 {
    authorization := strings.TrimSpace(authorization_array[0])
    c.Infof("Authorization: ", authorization)
} else {
    w.Header().Set("WWW-Authenticate", "Basic realm=\"user\"")
    http.Error(w, http.StatusText(401), 401)
}

YouTube Error Page

When designing web sites it’s always important to make every page – even error pages – user friendly. As an example, here’s a picture of YouTube’s error page. The reference to highly trained monkeys always makes me laugh.

Searching Twitter

Many web applications integrate Twitter into their pages to display realtime news and thoughts. Here’s a code snippet showing how to search Twitter using the twitter4j library.

Twitter’s search API doesn’t return all search results at once; instead it returns “pages” of results, with each page containing 100 tweets matching the search criteria. The following code snippet runs through many pages of search results using a while loop, so it may take some time to process. Run it within a backend if you’re searching for a particularly popular phrase or doing heavy processing on each tweet.

The variable twitter represents a twitter4j.Twitter object, and status represents a single tweet. You can extract tweet information from that object; for example status.getText() would return the text of the tweet. Edit the string “google app engine” to whatever text you’re searching Twitter for.

twitter4j.Query twitter_query = new twitter4j.Query("google app engine");
twitter_query.setCount(100);
//This while loop runs through each page of the returned 
//tweets. One page of results (100 tweets) is processed 
//per loop.
while (twitter_query != null) {
    //A list of the returned tweets, representing 1 page (100 tweets).
    QueryResult twitter_results = twitter.search(twitter_query);
    //Run through this page of results and access each returned tweet.
    for (Status status : twitter_results.getTweets()) {
        //Do something with the status object.
    }
    //Retrieves a Query representing the next page of results.
    twitter_query = twitter_results.nextQuery();
}//end while loop running through pages of returned results.

 

HTTP GET Using The Low Level Java App Engine API

Here’s a short code example showing how to do a HTTP GET using the low level Java API.

The variable url_string_here is the URL being retrieved as a String. It returns a byte[] array containing the content of the response. If the response code is not 200 (i.e. anything other than HTTP OK) then this code throws a RuntimeException.

URL url = new URL(url_string_here);
HTTPRequest request = new HTTPRequest(url, HTTPMethod.GET);
request.setHeader(new HTTPHeader("User-Agent", "Custom User Agent "));
//Execute request.
HTTPResponse response = URLFetchServiceFactory.getURLFetchService().fetch(request);
if (response.getResponseCode() == 200) {
    //The response was OK
    //Retrieve the content of the response.
    return response.getContent();
}//end if the response code was 200.
else {
    throw new RuntimeException("Response code was " + response.getResponseCode());
}

Capitalization In Cron Scheduling

A note on cron: schedules must be recorded in all lowercase letters. The following picture shows an application upload failure because the S in Saturday is capitalized in cron.

However the all lowercase version schedule: every saturday 9:00 works.

Posting To Twitter

Many web applications need to connect to and integrate with Twitter. In Java, the best and most widely-used library is twitter4j. The following code snippet shows how to connect to Twitter and post a tweet.

Oauth_consumer_keyoauth_consumer_secretoauth_access_token, and oauth_access_token_secret are the Twitter OAuth authentication keys. You can generate those keys by going to Twitter’s developer site and creating an application plus access tokens. The string tweet_text is the text to post to Twitter. If any problems occur while posting to Twitter, a TwitterException will be thrown.

ConfigurationBuilder config = new ConfigurationBuilder();
config.setDebugEnabled(true);
config.setOAuthConsumerKey(oauth_consumer_key);
config.setOAuthConsumerSecret(oauth_consumer_secret);
config.setOAuthAccessToken(oauth_access_token);
config.setOAuthAccessTokenSecret(oauth_access_token_secret);
Twitter twitter = (new TwitterFactory(config.build())).getInstance();
try {
    //Post to Twitter.
    twitter.updateStatus(tweet_text);
}
catch (TwitterException e) {
    //error posting to Twitter
}

Simple Logging In Java

In most applications, it’s a good idea to use a robust logging framework such as java.util.logging.* or log4j. However, when you’re writing simpler App Engine applications there is an alternative: use System.out and System.err.

App Engine catches all output written to the standard output streams System.out/System.err and prints it into the application’s logs. So logging a message is as simple as writing one line of code:

System.out.println("This is an informational logging line.");

Use the System.err stream to log an error:

System.err.println("Exception: " + e.getMessage());

If you do decide to log informational messages, you also need to set the logging level to INFO. Open up the logging.properties file in the /war/WEB-INF/ directory:

Change the .level property to INFO:

.level = INFO

Now your App Engine application will record and display all logs sent to System.out and System.err.

Extract Subdomain From Request In Go

Here’s a code snippet that extracts the subdomain from an user’s request and places it as the first element in a new array.

R represents http.Request, and subdomain represents a new string array that has the extracted subdomain as its first and only element.

//The Host that the user queried.
host := r.URL.Host
host = strings.TrimSpace(host)
//Figure out if a subdomain exists in the host given.
host_parts := strings.Split(host, ".")
if len(host_parts) > 2 {
    //The subdomain exists, we store it as the first element 
    //in a new array
    subdomain := []string{host_parts[0]}
}

App Engine Default Server Error Page

When your application encounters an error, App Engine will shut down the request causing the error and return the following text to the user:

Error: Server Error

The server encountered an error and could not complete your request.
If the problem persists, please report your problem and mention this error message and the query that caused it.

The server error page will look similar to the following:

This error page is not the full error report; to see the actual error, you need to go to the Logs section of your App Engine application and find the error log. Here’s some pictures to help you find the error log:

First, go to your application dashboard and click the Logs link:

Click on the radio button marked Logs with minimum severity and choose Error from the dropdown box:

The logs page will automatically update to show all requests that failed.